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DETAILED ACTION 

1 . A request for continued examination under 37 CFR 1.114, including the fee set 
forth in 37 CFR 1 .17(e), was filed in this application after final rejection. Since this 
application is eligible for continued examination under 37 CFR 1.114, and the fee set 
forth in 37 CFR 1 .17(e) has been timely paid, the finality of the previous Office action 
has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 4/21/09 
has been entered. 

2. Claims 1-2 and 4-6 have been amended. Claim 3 is cancelled. New claims 7-18 
have been added. Claims 1-2 and 4-18 are pending. 

Response to Arguments 

3. Applicant's arguments filed on April 21 , 2009 have been considered but are moot 
in view of the new ground(s) of rejection. 

Claim Rejections - 35 USC § 103 

4. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed 
or described as set forth in section 102 of this title, if the differences between the 
subject matter sought to be patented and the prior art are such that the subject 
matter as a whole would have been obvious at the time the invention was made 
to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was 
made. 
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5. Claims 1-2, 4-9 and 12-18 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Yamaguchi et al. (hereinafter Yamaguchi) US Patent Number 
5,604,807 in view of Keromytis et al. (hereinafter Keromytis) "Transparent Network 
Security Policy Enforcement", USENIX 2000 and in view Inada et al. (hereinafter Inada) 
US 6,775,769. 

6. As per claims 1, 5, 14 and 18: 

Yamaguchi teaches a central encryption management system, comprising: 

an encryption apparatus configured to be connected between a plurality of data 
communications terminals, (Figure 12, item 53, 54 and 55) 

the encryption apparatus to perform at least one of an encrypting process or a 
decrypting process on data to terminate encryption-based security between 
communications terminals having encrypting capability and non-encrypting capability; 
(Figure 12, item 76) and 

a manager terminal to input information into each of the encryption apparatus 
and the communication terminals having encrypting capability, the information including 
a time period of encryption, thereby completing settings for encrypted data 
communications on each of the apparatus and the communications terminals having 
encrypting capability; (Figure 12, item 51; Figure 13; col. 3, line 62-col. 4, line 20; col. 
12, lines 50-64; col. 13, line 60-col. 14, line 12) 

Yamaguchi does not explicitly disclose wherein the encryption apparatus further 
includes a bridge to output data received on one of a plurality ports of the encryption 
apparatus to another port of the encryption apparatus, without any routing process, after 
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the encrypting or decrypting process; and information including whether or not data 
packets are to be discarded between specific terminals after the data packets have 
been received. Keromytis in analogous art, however, teaches wherein the encryption 
apparatus further includes a bridge to output data received on one of a plurality ports of 
the encryption apparatus to another port of the encryption apparatus, without any 
routing process, after the encrypting or decrypting process. (2.1 Layer-3Filtering; 2.2 
Layer-2 Filtering; 2.4 Bridge Security; 3.Bridging and IPsec) Therefore it would have 
been obvious to one ordinary skill in the art at the time the invention was made to 
modify the system disclosed by Yamaguchi with Keromytis in order to provide 
transparent IPsec gateway capability for a host or even a network wherein the security 
gateway can act as a security policy enforcer, ensuring that incoming and outgoing 
packets are adequately protected, based on system or network policy. (1 . Introduction; 
Keromytis) 

Both references do not explicitly disclose information including whether or not 
data packets are to be discarded between specific terminals after the data packets have 
been received. Inada in analogous art, however, discloses information including 
whether or not data packets are to be discarded between specific terminals after the 
data packets have been received, (col. 5, line 25- col. 6, line 65; col. 15, line 25-col. 16, 
line 56; col. 17, lines24-63) Therefore it would have been obvious to one ordinary skill in 
the art at the time the invention was made to modify the system disclosed by 
Yamaguchi and Keromytis with Inada in order to manage the operation of the 
cryptographic apparatus by processing a management packet for managing the 
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cryptographic apparatus from another machine connected to the network, (col. 17, lines 

58-63; Inada) 

As per claims 2 and 15: 

The combination of Yamaguchi, Keromytis and Inada teaches all the subject 
matter as discussed above. In addition, Yamaguchi further discloses a central 
encryption management system the encryption apparatus configured to receive and 
retransmit data in the form of encrypted data from and to one of the plurality of 
communications terminals having the encrypting capability, and the encryption 
apparatus is configured to receive and retransmit the data in the form of non-encrypted 
data from and to one of the plurality of communications terminals having no encrypting 
capability, (col. 12, lines 50-64) 
As per claims 4, 6 and 16: 

The combination of Yamaguchi, Keromytis and Inada teaches all the subject 
matter as discussed above. In addition, Yamaguchi further discloses a central 
encryption management system wherein the encryption apparatus further includes a 
storage to store the information inputted from the manager terminal, the inputted 
information being used when controlling the encrypting process and the decrypting 
process, and the encryption apparatus controls the encrypting process and the 
decrypting process by comparing the information stored in the storage with header 
information of a data packet of the data received through one of the plurality of ports, 
(col. 11, line 44-col. 12, line 45) 
As per claim 7: 
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The combination of Yamaguchi, Keromytis and Inada teaches all the subject 
matter as discussed above. In addition, Yamaguchi further discloses a central 
encryption management system wherein the information comprises at least one of 
information associated with the presence or absence of encryption or decryption 
process, the availability of packet communications, an encryption level, a time period to 
perform encryption, a encryption policy or an encryption key. (Figure 12, item 51 ; Figure 
13; col. 3, line 62-col. 4, line 20; col. 12, lines 50-64; col. 13, line 60-col. 14, line 12) 

As per claim 8: 

The combination of Yamaguchi, Keromytis and Inada teaches all the subject 
matter as discussed above. In addition, Inada further discloses wherein the at least one 
of the plurality of communications terminals are inside a secured network. (Figure 12) 

As per claim 9: 

The combination of Yamaguchi, Keromytis and Inada teaches all the subject 
matter as discussed above. In addition, Inada further discloses wherein the at least one 
of the plurality of communications terminals is outside secured network. (Figure 12) 

As per claim 12: 

The combination of Yamaguchi, Keromytis and Inada teaches all the subject 
matter as discussed above. In addition, Yamaguchi further discloses a central 
encryption management system wherein the plurality of communications terminals are 
arranged in a plurality of local area networks. (Figure 12, item 51; Figure 13; col. 3, line 
62-col. 4, line 20; col. 12, lines 50-64; col. 13, line 60-col. 14, line 12) 

As per claim 13: 
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The combination of Yamaguchi, Keromytis and Inada teaches all the subject 
matter as discussed above. In addition, Yamaguchi further discloses a central 
encryption management system wherein comprising a plurality o f manager terminals, 
each of the plurality o f manager terminals to manage encryption and decryption 
settings in the communications terminals having encrypting capabilities in at least 
one of the plurality of local area networks. (Figure 12, item 51; Figure 13; col. 3, line 62- 
col. 4, line 20; col. 12, lines 50-64; col. 13, line 60-col. 14, line 12) 

As per claim 17: 

The combination of Yamaguchi, Keromytis and Inada teaches all the subject 
matter as discussed above. In addition, Keromytis further discloses performing an 
encrypting process or a decrypting process on data received at one of the plurality of 
ports after passing through a data link layer and a physical layer; and outputting 
encrypted or decrypted data from another of the plurality of ports through a data link 
layer and a physical layer associated with the other port without passing said data to a 
network layer in which routing between networks are controlled. (2.1 Layer-3Filtering; 
2.2 Layer-2 Filtering; 2.4 Bridge Security; 3. Bridging and IPsec) 
7. Claims 1 0-1 1 are rejected under 35 U.S.C. 1 03(a) as being unpatentable over 
Yamaguchi et al. (hereinafter Yamaguchi) US Patent Number 5,604,807 in view of 
Keromytis et al. (hereinafter Keromytis) "Transparent Network Security Policy 
Enforcement", USENIX 2000 and in view Inada et al. (hereinafter Inada) US 6,775,769 
and in view of Doiron et al. (hereinafter Doiron) US 5,481 ,610. 

As per claim 10: 
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The combination of Yamaguchi, Keromytis and Inada teaches all the subject 
matter as discussed above. None of the combination cited explicitly disclose wherein 
the encryption apparatus comprises a data path for a connected terminal and performs 
the encryption process or the decryption process on data received or transmitted on 
each data path using a different encryption key associated with the connected terminal. 
Doiron in analogous art, however, discloses wherein the encryption apparatus 
comprises a data path for a connected terminal and performs the encryption process or 
the decryption process on data received or transmitted on each data path using a 
different encryption key associated with the connected terminal, (col. 7, line 29-col. 8, 
line 33) Therefore it would have been obvious to one ordinary skill in the art at the time 
the invention was made to modify the system disclosed by Yamaguchi, Keromytis and 
Inada with Doiron in order to protect the data path by preventing signal analysis thereby 
avoiding revealing the cryptographic keys. (col. 8, lines 21-23; Doiron) 

As per claim 1 1 : 

The combination of Yamaguchi, Keromytis and Inada teaches all the subject 
matter as discussed above. None of the combination cited explicitly disclose wherein 
the encryption apparatus comprises wherein the plurality of communications terminals 
having encrypting capability are connected to the encryption apparatus through an 
access point. Doiron in analogous art, however, discloses wherein the encryption 
apparatus comprises wherein the plurality of communications terminals having 
encrypting capability are connected to the encryption apparatus through an access 
point, (col. 3, lines 3-35) Therefore it would have been obvious to one ordinary skill in 
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the art at the time the invention was made to modify the system disclosed by 
Yamaguchi, Keromytis and Inada with Doiron in order to provide a secure radio 
frequency communications system that encrypts and decrypts messages, (col.1, lines 5- 
10; Doiron) 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to SHEWAYE GELAGAY whose telephone number is 
(571)272-4219. The examiner can normally be reached on 8:00 am to 5:30 pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Emmanuel Moise can be reached on 571-272-3865. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



IS. G.I 
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